From 65a3c79ca4bbdeee208155d8ea21f7f2842e9053 Mon Sep 17 00:00:00 2001
From: Pascal Corpet <pascal.corpet@m4x.org>
Date: Sun, 1 Jun 2008 11:38:28 +0200
Subject: [PATCH] uses perms field from auth groupex

---
 install/cookbook/xorgauth.php | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/install/cookbook/xorgauth.php b/install/cookbook/xorgauth.php
index 4c32ee6..9f201a6 100644
--- a/install/cookbook/xorgauth.php
+++ b/install/cookbook/xorgauth.php
@@ -39,7 +39,7 @@ Markup('xnetpage','inline','/\\(:xnetpage\\s*(.*?):\\)/e', "XnetPage('$1')");
 function XnetPage($page) {
   global $XnetWikiGroup;
   if (!$XnetWikiGroup) return;
-  return Keep('<iframe style="width:100%;height:400px;border:none" src="http://dev.polytechnique.net/~x2001corpet/'.($_SESSION['xorgauth']?'login/':'').$XnetWikiGroup.'/'.$page.'"></iframe>');
+  return Keep('<iframe style="width:100%;height:400px;border:none" src="http://www.polytechnique.net/'.($_SESSION['xorgauth']?'login/':'').$XnetWikiGroup.'/'.$page.'"></iframe>');
 }
 
 // Récupère les droits au niveau du dossier (Group PmWiki)
@@ -86,7 +86,7 @@ function XorgAuthConnectPlatal() {
  @session_start();
  if (isset($_GET['auth']) && !$_SESSION['xorgauth'] && $_SESSION['challenge']) {
 	$tohash = '1'.$_SESSION['challenge'].'6e9c9fa9bac23541fe67697c4eff5be6';
-	$fields = explode(',','forlife,nom,prenom,promo,grpauth');
+	$fields = explode(',','forlife,nom,prenom,promo,grpauth,perms');
 	foreach ($fields as $f) if (isset($_GET[$f])) {
 		$tohash .= $_GET[$f];
 	}
@@ -110,6 +110,10 @@ function XorgAuthTestPassword($password) {
   if (!$password) {
     return true;
   }
+  if ($_SESSION['perms'] == 'admin') {
+	// administrateur du site d'authentification et donc super user ici aussi
+	return true;
+  }
   $parts = explode(' ',$password);
   foreach ($parts as $pass) {
   	if ($pass == 'all' || $pass == 'public') {
@@ -130,7 +134,8 @@ function XorgAuthTestPassword($password) {
   }
   return false;
 }
- 
+
+// test if user has admin rights on this wiki field
 function XorgAuthIsSiteAdmin() {
   global $DefaultPasswords;
   return XorgAuthTestPassword($DefaultPasswords['admin']);
@@ -139,6 +144,7 @@ function XorgAuthIsSiteAdmin() {
 // fonction d'authentification : appellée avant tout accès à une page
 function XorgAuth($pagename, $level, $authprompt, $since) {
  global $XnetWikiGroup;
+  // user was authenticaed to another site, but the site has changed
   if (isset($_SESSION['authsite']) && $XnetWikiGroup != $_SESSION['authsite']) {
     XorgAuthConnectPlatal();
    	return false;
-- 
2.1.4